The Kenya Revenue Authority (KRA) found itself at the center of a cybersecurity incident after its official X (formerly Twitter) account was hacked on Thursday, even as the country marked National Cybersecurity Week — an event dedicated to promoting awareness and resilience in the digital space.
The breach, which occurred in the early hours of the morning, saw the verified KRA account taken over by unknown individuals who posted a series of unauthorized and bizarre messages, sparking confusion among users. The compromised account temporarily displayed non-official content before it was later restored by KRA’s digital communications team.
The hacking incident comes at a time when Kenya is observing National Cybersecurity Awareness Week, an annual campaign organized by the Communications Authority of Kenya (CA) and the National Computer and Cybercrimes Coordination Committee (NCCCC) to educate citizens and organizations about digital safety, data protection, and the evolving nature of cyber threats.
Many Kenyans took to social media to express disbelief at the timing, noting the irony that a key government agency experienced a cyber breach during a week dedicated to promoting cybersecurity preparedness. Some users pointed out that the incident highlights the urgency for government institutions to bolster their online security frameworks, given the growing sophistication of cybercriminals.
Over the past two years, Kenya has witnessed a surge in cyberattacks targeting both government systems and private organizations. Data from the Communications Authority’s 2024 Cybersecurity Report indicates that the country recorded over 800 million cyber threat attempts between July 2023 and June 2024, a 35% increase from the previous year. The most common threats include phishing, ransomware, and social engineering — tactics often used to gain unauthorized access to official accounts.
The KRA incident underscores the vulnerability of institutions that manage sensitive digital platforms. Although the authority confirmed that no taxpayer or financial data was compromised, cybersecurity specialists warn that such breaches can erode public trust and disrupt digital service delivery.
KRA, which has in recent years transitioned most of its operations online through platforms such as iTax, TIMS, and eCitizen integrations, plays a central role in Kenya’s digital transformation agenda. Its services handle millions of transactions daily, making cybersecurity a top priority. The authority has been investing in technology upgrades, staff training, and partnerships with cybersecurity agencies to safeguard its digital infrastructure.
Meanwhile, the National Computer Incident Response Team (KE-CIRT/CC) under the Communications Authority has launched an investigation into the hack. The agency has urged institutions to enhance account security through multi-factor authentication (MFA), strong password management, and regular security audits.
The hacking episode has once again sparked a broader national conversation about Kenya’s cybersecurity readiness. While the government has made significant strides in establishing frameworks such as the National Cybersecurity Strategy (2022–2027), experts argue that implementation remains inconsistent across agencies. As digital transformation accelerates, ensuring that all public sector entities adhere to robust cybersecurity protocols is becoming increasingly critical.
Ironically, during the same week, several government officials and industry leaders were attending cybersecurity awareness events in Nairobi under the theme “Safe Digital Kenya”, where discussions centered on protecting national infrastructure, data sovereignty, and the future of digital governance. The KRA breach has now added a sense of urgency to these conversations, serving as a real-time case study of the risks Kenya faces in its digital landscape.
Despite the setback, KRA has assured Kenyans that all its services — including tax filings, PIN applications, and customs operations — remain fully operational. The authority has also encouraged users to rely on official communication channels and to disregard any misleading information shared during the account compromise period.
As Kenya continues its journey toward becoming a fully digital economy, the incident serves as a stark reminder that cybersecurity is not just an IT issue — it’s a national priority. Strengthening digital defenses, investing in technology, and cultivating a culture of vigilance will be essential in ensuring that both public and private sectors remain resilient against cyber threats.